Your Privacy is our top priority. We don’t request access to your personal information unless we need it to provide our service. We don’t share your personal information with anyone except to comply with the law and protect our rights and we don’t store personal information on our servers unless required for our service operation. Your personal information is transmitted, stored and processed securely on our servers.

We take security seriously into account, and we follow the generally accepted standards for the protection and management of your personal information and data. Our servers are hosted in Amazon EC2 data centers in Dublin, Ireland and they have a high level of physical security. Furthermore, we use TLS connections between the users and our servers, so all data and chat texts are encrypted during transmission. TLS (Transport Layer Security) is a protocol that ensures privacy between communicating applications and their users on the Internet.

When using the service, various data and information is stored relating to you and your visitors. This provides access to functionality such as visitor monitoring, chat and chat history. The information collected is relating to the equipment used to access websites, IP addresses, type of browser and operating system. Also we collect some information like how many times a visitor has visited a website and how much time he is on a website. The information collected can be used for statistical purposes by us to improve the security and functionality of our services, but we never give or sell this information to others. Also chat messages and images are securely stored on our servers and nobody has access to that information, except authorized employees who have physically access to the servers only for server maintenance purposes. We never give or sell this information to others. We don't store and we don't have access to any details relating to your payments like PayPal credentials or credit card details.

onWebChat will not use any data from your account, from the list of your visitors or any other information of your clients for any reason other than those intended for the functionality of the service. Your customer data will not be shared with anyone else or to any third party. onWebChat will not use data of your customers (eg. email address) to send emails or any other information. Sometimes, we might communicate only with you (onWebChat users) to inform you about important announcements or new features related to our services. You can unsubscribe at any time with a click on the link provided in emails. We rarely may contact directly with you via email for some important reason, about your account.

The management and protection of personal data of both our service users and their website visitors, is subject to the terms of this agreement and the relevant provisions of General Data Protection Regulation (GDPR) (EU) 2016/679. The GDPR is a regulation in EU law on data protection and privacy for all individuals within the European Union. It applies to companies based in the EU and global companies who process personal data about individuals in the EU. The regulation will aplly from 25 May 2018.

Is GDPR affecting you?
If you process personal data of any person in the EU, GDPR will apply to you regardless of whether you’re based in the European Union or not. Except strengthening user data privacy across EU nations, GDPR will require new or additional obligations on organizations that handle EU citizens’ personal data, regardless of where the organizations are located.

Features to help you comply with GDPR
onWebChat as data processor, we are releasing new features that will help you comply with the GDPR regulation. Admin operators have the ability to delete visitors and all related data, like chats and offline messages. Also we are releasing a new export feature, which helps you export all data for a visitor of your website.

Features for us to comply with GDPR
We must comply with GDPR, so we are releasing new features like automated deletion of operator accounts and all related data. Also we are releasing a new export feature, so we can export for you all data related to your onWebChat account.

If you disagree with this privacy policy, you should stop using our service and delete your onWebChat account. According to the General Data Protection Regulation (GDPR), you have the right to access, correct, transfer and delete your data.

As onWebChat evolves, this privacy policy is likely to evolve with it. We will not reduce your rights under this policy without your explicit consent. We will post any policy changes on this page and, if the changes are significant, we will provide a more prominent notice. You are encouraged to frequently check this page for any change and if you continue using our service will constitute your acceptance of it.

onWebChat uses the following subprocessors to provide you our services

Subprocessor/Third party service Purpose Country
AWS Amazon Server/Data hosting Ireland
Zoho Email hosting USA
Google Inc Cloud analytics USA


Cookies are small text files, that are placed on your computer by websites that you visit and which may then be sent back to the servers each time the browser requests a page from the server. Cookies are used to identify users as they navigate different pages on a website or when returning to the website. Cookies may store your preferences and your profile information. For example, cookies are used by onWebChat to store some chat options of your webvisitors like the sound option. Regarding our website and operator console cookies are used to save data like your language preference. Visitors who do not wish to have cookies stored on their computers can set their browsers to refuse cookies before using our website, but many features of our live chat service may not function properly without using cookies.

onWebChat website may use the following cookies on your browser when you visit our website:

PHPSESSID: used by PHP to keep track of sessions (session)
_ga , _gat , _gid: used by Google analytics to distinguish visitors
accept-cookies: set to true if we have visitor's contest to store cookies (2 years)
onwebchatf: store browser http_referer info (from where a visitor came) (10 days)
aff: if the visitor comes from an affiliator, stores the affiliator id (90 days)
onwebemail: used if selected "keep me sign in" - the email of the user (60 days)
onwebhash: used if selected "keep me sign in" - hash of encrypted password (60 days)
lang: used to remember the visitors' selected language (session)

For the functionality of live chat widget, the following cookies may be used. Also, the following cookies may be used by our users' websites (websites using onWebChat service), so you may need to inform your visitors about that.

onwbchtexpress.sid : It's the identifier for your current onWebChat session (session)
io : keep session (session)
onwbchtclientid : It is a unique id so that onWebChat can identify visitors (1 year)
onwbchtsessionrandom : A random number used to identify visitors (used only on some browsers) (1 year)
onwbchtblocked : It is used to store if this visitor is blocked by an operator (6 months)
onwbchtSound : It is used to store sound On/Off preference of the visitor (if the visitor visit again this website or opens a new tab) (3 months)
onwbchtlastvisit : The last date visitor visited this website (3 months)
onwbchttimesVisited : How many times a visitor has visited this website (3 months)
inChatC : A flag indicating if this visitor is currently chatting. (4 hours)
hasTriggeredC : a flag indicating if a trigger has been shown (only when using triggers) (4 hours)

Also, the next cookies may be stored (for 1 day) if the visitors' browser doesn't support sessionStorage (iOS Safari):

sessionstorage.maxChat : a flag indicating if the visitor has maximized the chat window (so that it will be the same if he opens a new tab)
sessionstorage.chattext : the text of the chat, so that visitor can see the chat if he opens a website page on a new tab
sessionstorage.hideImage : a flag indicating if the visitor has hidden the image (on chat window)
sessionstorage.mustSendTriggerText : a flag indicating that the text of the trigger should be sent to the operator (for displaying the chat dialog)
sessionstorage.hasStartedWriting : a flag indicating if the visitor has started writing in the text area
sessionstorage.triggerText : the text of the trigger that has been shown to the visitor
sessionstorage.hasTriggered : a flag indicating if a trigger has been shown
sessionstorage.hasWrSeByTr : a flag indicating if the text "served by ..." has been written to the visitor chat
sessionstorage.secOnSite : how many seconds the visitor is on the website (only when used triggers for the whole website)

If you have any questions about this policy, you can contact us at

We use cookies to ensure that we give you the best experience on our website.